Script dns-update

Script types: portrule
Categories: vuln, intrusive
Download: https://svn.nmap.org/nmap/scripts/dns-update.nse

Script Summary

Attempts to perform a dynamic DNS update without authentication.

Either the test or both the hostname and ip script arguments are required. Note that the test function will probably fail due to using a static zone name that is not the zone configured on your target.

Script Arguments

dns-update.test

Add and remove 4 records to determine if the target is vulnerable.

dns-update.ip

The ip address of the host to add to the zone

dns-update.hostname

The name of the host to add to the zone

Example Usage

nmap -sU -p 53 --script=dns-update --script-args=dns-update.hostname=foo.example.com,dns-update.ip=192.0.2.1 <target>

Script Output

PORT   STATE SERVICE
53/udp open  domain
| dns-update:
|   Successfully added the record "nmap-test.cqure.net"
|_  Successfully deleted the record "nmap-test.cqure.net"

Requires

• dns
• nmap
• shortport
• stdnse
• table

---

Author:

• Patrik Karlsson

License: Same as Nmap--See https://nmap.org/book/man-legal.html